Tech Friday

posted by Brian Thomas - 

  • Amazon's new delivery service let's delivery people into your house:
    • The new "Amazon Key" service launches November 8th for Prime Members
    • From the Amazon website "As a Prime member, get your Amazon packages securely delivered just inside your front door. Plus, grant access to the people you trust, like your family, friends, dog walker, or house cleaner – no more leaving a key under the mat"
    • To use the service, you purchase a kit that includes an Amazon security camera (Cloud Cam) and a compatible smart lock from manufacturers including Kwikset and Yale. Prices start at $249.99
    • Once installed, you can order something and choose the "in-home" shipping option
    • When the delivery arrives at your house Amazon verifies the address and delivery time unlocks your door remotely using a special scanner
    • You can watch the process from your smartphone because the Cloud Cam records the delivery
    • The driver does not need an access code or key because Amazon can remotely unlock your door 
    • Amazon points out that you can also use the service to allow family and friends into your house when you're not home
    • According to the Amazon website, "On delivery day, you’ll receive a notification in the morning with a 4-hour delivery window for when the delivery driver will arrive at your home. Right before the driver arrives at your door, you will receive an “Arriving Now” notification and you can optionally watch the delivery happening live. The driver will knock first and then request to unlock your door with their Amazon handheld scanner. Amazon verifies that the package belongs to the address and the driver is near the door, turns on Amazon Cloud Cam and unlocks your door. No special codes or keys are given to the driver. The driver will then place the package just inside your door and request to relock the door. Once the delivery is complete and your door is relocked, you’ll get a final notification and can watch a video clip of the delivery."
    • It could also be used to grant access to service providers that need access to your home
    • Amazon Key will be available in 37 U.S. cities to start with more on the way
    • Amazon is not the only major retailer to experiment with remote delivery access. Walmart recently announced that it was testing a service that allows "Deliv" drivers into your home to deliver groceries
    • Walmart's service provides the driver a one-time password for a smart lock. You can watch the delivery on a webcam
    • What could go wrong?
    • Learn more about Amazon Key here: https://www.amazon.com/b?&node=17285120011
  •  Some tech insiders fear a smartphone dystopia is coming:
    • Several former tech industry employees are concerned about the addictive nature of the technology they helped build and are disconnecting from it
    • Justin Rosenstein, the engineer who created the Facebook "like" button, says likes are "bright dings of pseudo-pleasure"
    • Rosenstein is one of a growing number of Silicon Valley alumni who are warning about the rise of the so-called "attention economy"
    • It's the designers, engineers and product managers who have built these technologies that seem to be the most concerned
    • Rosenstein said, "It is very common for humans to develop things with the best of intentions and for them to have unintended, negative consequences."
    • How bad is it? One study found that people "touch" their phone 2,617 times per day
    • Nir Eyal, author of "Hooked: How to Build Habit-Forming Products", consults with companies to teach them techniques to build addictive products
    • Eyal said "The technologies we use have turned into compulsions, if not full-fledged addictions. It’s the impulse to check a message notification. It’s the pull to visit YouTube, Facebook, or Twitter for just a few minutes, only to find yourself still tapping and scrolling an hour later."
    • Eyal notes that our obsession with the latest, like, post or comment is exactly what the designers intended
    • Former Googler Tristan Harris is now a well-known critic of the tech industry. Harris said "All of us are jacked into this system. All of our minds can be hijacked. Our choices are not as free as we think they are"
    • Harris has a TED talk entitled "How a handful of tech companies control billions of minds every day". You can watch it here: https://www.ted.com/talks/tristan_harris_the_manipulative_tricks_tech_companies_use_to_capture_your_attention
    • Harris explains how the best designs are based variable rewards which is what makes gambling so addictive
    • These powerful platforms can be tailored to each individual to maximize the effect and keep users coming back for more
    • Loren Brichter, creator of the pull-to-refresh feature found in most apps, said "Smartphones are useful tools, but they’re addictive. Pull-to-refresh is addictive. Twitter is addictive. These are not good things."
    • James Williams, an ex-Googler responsible for Google Analytics, said the tech industry has become the "largest, most standardized and most centralized form of attentional control in human history"
    • Williams said "The dynamics of the attention economy are structurally set up to undermine the human will" 
    • "If Apple, Facebook, Google, Twitter, Instagram and Snapchat are gradually chipping away at our ability to control our own minds, could there come a point, I ask, at which democracy no longer functions?" - Williams
    • And the massive amounts of data captured by these platforms is generating massive amounts of revenue for these companies, so there is little incentive to change
    • Read the entire article here: https://www.theguardian.com/technology/2017/oct/05/smartphone-addiction-silicon-valley-dystopia
    • Then put your phone down and do something else!
    • Here are some interesting stats on smartphone usage: https://blog.dscout.com/mobile-touches
  • Equifax hacked due to a patchable vulnerability:
    • Information on more than 145 million people was stolen from Equifax
    • Equifax's breach is among the largest in the US, and the largest known leak so far this year
    • Equifax announced that they had been hacked from mid-May to July and the breach was discovered on July 29th
    • Thieves made off with names, Social Security numbers, birth dates, addresses and other sensitive information
    • Equifax reported that roughly 209,000 people had their credit card numbers stolen
    • Additionally, hackers stole documents with personal information on 182,000 victims
    • According to a report on the data breach by William Baird & Co., hackers exploited a flaw in Apache Struts, a popular open-source software package. You can read the Baird report here: https://baird.bluematrix.com/docs/pdf/dbf801ef-f20e-4d6f-91c1-88e55503ecb0.pdf
    • Two Struts vulnerabilities have been discovered so far in 2017. One of these flaws has existed since 2008
    • "At least 65% of the Fortune 100 companies are actively using web applications built with the Struts framework," the report said. "Organizations like Lockheed Martin, the IRS, Citigroup, Vodafone, Virgin Atlantic, Reader’s Digest, Office Depot, and SHOWTIME are known to have developed applications using the framework. This illustrates how widespread the risk is."
    • In their statement, Equifax said "Criminals exploited a US website application vulnerability to gain access to certain files"
    • Unfortunately, the flaw that allowed this attack was patched back in March of 2017
    • The flaw (CVE-2017-5638) was a result of Struts' parser, known as Jakarta, mishandling uploaded files. Hackers were able to remotely run code that was uploaded to the web server
    • Numerous security firms have reported that the flaw was was exploited in "a high number" of cases in March 2017
    • Cisco's Talos security division wrote "It is likely that the exploitation will continue in a wide scale since it is relatively trivial to exploit and there are clearly systems that are potentially vulnerable" 
    • This hack illustrates how critical is it to have good patch management discipline and apply patches in a very timely fashion
    • To determine if your information has been compromised and/or sign up for the free identity theft protection and credit monitoring, go here: https://www.equifaxsecurity2017.com/enroll/
Brian Thomas

Brian Thomas

Based in Cincinnati, OH, the Brian Thomas Morning Show covers news and politics, both local and national, from a conservative point of view. Read more

title

Content Goes Here